Internet-connected industrial control systems (ICS) at power, utilities, water treatment and manufacturing plants all over the world are under the threat of sabotage as attackers look to compromise their operations.
Craig Searle, Head of Cyber APAC, BAE Systems Applied Intelligence, explained that industrial control systems were previously operated standalone, offering limited opportunity for remote attacks. However, the increasing hyper-connectivity of ICS has created a higher risk of cyber sabotage.
BAE Systems Applied Intelligence outlines four steps to reduce the risk of cyber attacks on industrial control systems.
1. Engaging and educating key stakeholders
Organisations should work with key engineers and IT staff to understand the criticality of the systems in the ICS environment, their function and the platform upon which they are hosted.
2. System sensitivity mapping
A systems map grouping different systems based on sensitivity and criticality should be developed to enable organisations to determine which areas are appropriate as a testing environment and which systems entail a high risk of compromising operations. This systems knowledge can then be used as a working tool for all future implementations in the environment.
3. Vulnerability assessment
Once cleared for testing, systems need to be subjected to a vulnerability assessment through penetration testing, in a manner similar to conventional penetration testing. Within an ICS environment, organisations need to make sure that the testing does not saturate the systems or cause them to deny service to legitimate users.
4. Threat modelling
Organisations can use the information obtained from the first three steps to develop a threat model to determine the risks. Generally performed when conventional penetration testing on aspects of the ICS environment is impossible, threat modelling allows the organisation to understand how the systems in the environment could be attacked, the types of compromises that could occur, and the likelihood of attacks.
Observing that industrial control systems are the backbone of today’s society and critical in everyday life, Craig Searle comments that the increasing potential for industrial cyber sabotage makes it imperative for organisations to have a complete view of the risks and security measures to counter this threat.